HPE Community
Operating System - HP-UX
1824809 Members
4185 Online
109674 Solutions
New Discussion юеВ

sendmail / name lookup

 
Johan Nielsen
Advisor

тАО12-19-2001 03:23 PM

тАО12-19-2001 03:23 PM

sendmail / name lookup

Despite having a relay host configured in the sendmail.cf file (DS), when I attempt to send mail to an external domain, the sendmail process insists on doing a bunch of name lookups. It seems to me that this shouldn't be necessary if the delivery of e-mail is to be handed off to a relay host.

The HP-UX 11.0 server is not configured as a named primary or secondary server.

For most domains, the name lookup works just fine (from a sendmail perspective), however for other domains such as hotmail.com the host_map_lookup fails.

This happens despite the fact that when doing an interactive nslookup on these domains the expected results appear.

In other words, nslookup on hotmail.com (A,MX...) works just fine but sendmail is not able to resolve hotmail.com.

Our dns server is a W2K box running DDNS.

My questions are, why does sendmail have a problem with looking up hotmail.com? Why does sendmail have to do these lookups when a relay host is defined? Is there a way to disable it?

Any help will be much appreciated.

Johan
0 Kudos
Reply
18 REPLIES 18
Sanjay_6
Honored Contributor

тАО12-19-2001 03:38 PM

тАО12-19-2001 03:38 PM

Re: sendmail / name lookup

Hi Johan,

If you are using DNs for your network, configure a resolver to resolve ip address and hostnames. once you have done that do a "nslookup" and try to see if the hostname and ip's are resolved for sites like hotmail.com, msn.com etc. Here is a link on how you can configrue the resolver (/etc/resolv.conf) and the nsswitch.conf,

Take a look at this manual,

http://docs.hp.com/hpux/onlinedocs/B2355-90685/B2355-90685.html

Follow the steps in configuring /etc/resolv.conf and /etc/nsswitch.conf.

Hope this helps.

Regds
0 Kudos
Reply
Johan Nielsen
Advisor

тАО12-19-2001 03:43 PM

тАО12-19-2001 03:43 PM

Re: sendmail / name lookup

Point of clarification - the /etc/resolv.conf is configured to use our DNS servers. nslookups work just fine for all domains but not within a sendmail process...
0 Kudos
Reply
Roger Baptiste
Honored Contributor

тАО12-19-2001 03:55 PM

тАО12-19-2001 03:55 PM

Re: sendmail / name lookup

hi,

Can you pls post the output of sendmail -vt @hotmail.com ??

(and the same with a local mail address)

Also, make sure you do have the DSrelay.domain entry in
/etc/mail/sendmail.cf !.

HTH
raj
Take it easy.
0 Kudos
Reply
Kurt Beyers.
Honored Contributor

тАО12-19-2001 11:09 PM

тАО12-19-2001 11:09 PM

Re: sendmail / name lookup

Johan,

Will your mail server act as a relay server for external domains as well? Usually when you specify a DS host, local mail works fine but external mail will fail because the DS server refuses to relay this mail. So it could be that you have to configure your mail server to relay all the mail from your sendmail.

Kurt
0 Kudos
Reply
Johan Nielsen
Advisor

тАО12-20-2001 05:47 AM

тАО12-20-2001 05:47 AM

Re: sendmail / name lookup

Kurt -
That's actually what we thought in the beginning. However, for the domains that sendmail is not able to resolve, sendmail never attempts to connect to the relay host. For other domains that local sendmail can resolve, the relay host is used to deliver the mail. We are able to follow the message through the various inbound and outbound queues in Exchange. The other thing is that I can manually telnet to port 25 on the relay host and send mail to my hotmail.com account.

This problem has been elavated to tier 2 support at HP.

Thanks
Johan
0 Kudos
Reply
Christopher Caldwell
Honored Contributor

тАО12-20-2001 06:40 AM

тАО12-20-2001 06:40 AM

Re: sendmail / name lookup

You're probably getting hit by the check_mail or check_rcpt ruleset in sendmail.cf.

Check mail checks to make sure the domains in the envelope head work:

Scheck_mail
# check for valid domain name
R$*$: $>3 $1
R $* < @ $+ . >$:
R $* < @ $+ >$#error $: 451 Domain must resolve

This is to
1) prevent the system from having to get deep into the delivery process before figuring out that mail can't be delivered
2) to keep spammers out

If you believe this is the problem, you couldn't think about commenting out the check_mail ruleset.
0 Kudos
Reply
Christopher Caldwell
Honored Contributor

тАО12-20-2001 06:42 AM

тАО12-20-2001 06:42 AM

Re: sendmail / name lookup

oops. Typo.

That should say you COULD think about commenting out the check_mail ruleset.
0 Kudos
Reply
Johan Nielsen
Advisor

тАО12-20-2001 11:50 AM

тАО12-20-2001 11:50 AM

Re: sendmail / name lookup

Mail attempt to: jnielsen68@hotmail.com

# /usr/lib/sendmail -vt -f jnielsen@andersencorp.com jnielsen68@hotmail.com
this is a test
.

jnielsen68@hotmail.com... hotmail.com: Name server timeout
jnielsen68@hotmail.com... Transient parse error -- message queued for future del
ivery
jnielsen68@hotmail.com... queued
#

Mail attempt to: jnielsen@andersencorp.com

# /usr/lib/sendmail -vt -f jnielsen@andersencorp.com jnielsen@andersencorp.co>
this is a test.
.
jnielsen@andersencorp.com... Connecting to smtp.andersencorp.com. via relay...
220 bpexfax1.andersencorp.com ESMTP Server (Microsoft Exchange Internet Mail Ser
vice 5.5.2650.21) ready
>>> EHLO aw060.andersencorp.com
250-bpexfax1.andersencorp.com Hello [aw060.andersencorp.com]
250-XEXCH50
250-HELP
250-ETRN
250-DSN
250-SIZE 0
250-AUTH LOGIN
250 AUTH=LOGIN
>>> MAIL From: SIZE=16
250 OK - mail from ; can accomodate 16 bytes
>>> RCPT To:
250 OK - Recipient
>>> DATA
354 Send data. End with CRLF.CRLF
>>> .
250 OK
jnielsen@andersencorp.com... Sent (OK)
Closing connection to smtp.andersencorp.com.
>>> QUIT
221 closing connection
#
0 Kudos
Reply
Uday_S_Ankolekar
Honored Contributor

тАО12-20-2001 12:05 PM

тАО12-20-2001 12:05 PM

Re: sendmail / name lookup

Hi,

You must have checked this ..

In /etc/nsswitch.conf, is hosts is being resolve DNA and then file??

Or Also try renaming resolv.conf and check if mails get transfers

-USA..
Good Luck..
0 Kudos
Reply
Christopher Caldwell
Honored Contributor

тАО12-20-2001 12:42 PM

тАО12-20-2001 12:42 PM

Re: sendmail / name lookup

 
0 Kudos
Reply
Johan Nielsen
Advisor

тАО12-20-2001 12:43 PM

тАО12-20-2001 12:43 PM

Re: sendmail / name lookup

the /etc/nsswitch.conf file is set up to utilize DNS and then files. Keep in mind that for the majority of domains that we send e-mail to, the system works just fine.

I have received a white paper on Name Server Timeout & Transient Errors.

The paper suggests that there is a problem resolving ROOT servers or something to that effect. I haven't read the paper yet.

Thanks for your help.
0 Kudos
Reply
Johan Nielsen
Advisor

тАО12-20-2001 12:47 PM

тАО12-20-2001 12:47 PM

Re: sendmail / name lookup

 
0 Kudos
Reply
Christopher Caldwell
Honored Contributor

тАО12-20-2001 01:16 PM

тАО12-20-2001 01:16 PM

Re: sendmail / name lookup

>Despite having a relay host configured in the >sendmail.cf file (DS), when I attempt to send >mail to an external domain, the sendmail >process insists on doing a bunch of name >lookups. It seems to me that this shouldn't >be necessary if the delivery of e-mail is to >be handed off to a relay host.

As I said earlier, this will happen if the check_mail ruleset is in play in sendmail.cf - that rule says look up domains to make sure they resolve.

>The HP-UX 11.0 server is not configured as a >
>named primary or secondary server.

It should have to be - it can be run as a caching only name server where it has a copy of the root zone and looks up names itself, or it could use another name server (you should configure more than one in resolv.conf).

>For most domains, the name lookup works just >fine (from a sendmail perspective), however >for other domains such as hotmail.com the >host_map_lookup fails.

You showed us the nslookup diagnostic with mx, now show us the A record by saying
$nslookup -d2
>hotmail.com

post the results.

>This happens despite the fact that when doing >an interactive nslookup on these domains the >expected results appear.

Here's how it works:
# By default, sendmail will attempt to send all email with an address of #
# the form user@host via the SMTP protocol over TCP/IP. If the #
# nameserver is in use, an MX record may direct sendmail to route #
# mail for that host to some other host acting as a "mail exchanger" #
# for the host in the recipient address. If there is no MX record #
# for the target host name then gethostbyname(3n) must be able to return #
# a valid internet address for the host AND the option TryNullMXList must #
# be enabled or else the delivery will fail.


>In other words, nslookup on hotmail.com
>(A,MX...) works just fine but sendmail is not >able to resolve hotmail.com.

This doesn't make sense (I'm not saying your wrong - I'm just saying that it's odd that nslookup works and sendmail won't look up, since they both use the same resolver and DNS -- but I guess that's your point).

I'd think about grabbing a copy of the root zone, and testing your server as a local, caching only DNS. To do that,

-take the root zone I've included, put it in /etc/named.data
-edit /etc/named.boot - it should look something like
;
; type domain source file
;


directory /etc/named.data ; running directory for named

primary 0.0.127.IN-ADDR.ARPA db.127.0.0
cache . db.cache

Edit resolv.conf. Put the host that's having the problem (the one we just added as a name server) on the first line as
nameserver 1.2.3.4
{where 1.2.3.4 is the IP of this name server}

Start named:
#/usr/sbin/named

Restart sendmail:
#killsm
#/usr/sbin/sendmail -bd -q30m



Our dns server is a W2K box running DDNS.

>My questions are, why does sendmail have a >problem with looking up hotmail.com?
Dunno. Doesn't make any sense based on the information we have.

>Why does sendmail have to do these lookups >when a relay host is defined?
You probably are using check_mail, which invites a DNS lookup.

>Is there a way to disable it?
Comment out check_mail in sendmail.cf

BUT - dollars to donuts, you've got some sort of DNS problem. The best thing to do is fix the DNS problem. Commenting out check_mail will just mask a symptom.



Any help will be much appreciated.
0 Kudos
Reply
Christopher Caldwell
Honored Contributor

тАО12-20-2001 01:24 PM

тАО12-20-2001 01:24 PM

Re: sendmail / name lookup

Sorry, forgot db.cache:

; This file holds the information on root name servers needed to
; initialize cache of Internet domain name servers
; (e.g. reference this file in the "cache . "
; configuration file of BIND domain name servers).
;
; This file is made available by InterNIC registration services
; under anonymous FTP as
; file /domain/named.root
; on server FTP.RS.INTERNIC.NET
; -OR- under Gopher at RS.INTERNIC.NET
; under menu InterNIC Registration Services (NSI)
; submenu InterNIC Registration Archives
; file named.root
;
; last update: Aug 22, 1997
; related version of root zone: 1997082200
;
;
; formerly NS.INTERNIC.NET
;
. 3600000 IN NS A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
;
; formerly NS1.ISI.EDU
;
. 3600000 NS B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET. 3600000 A 128.9.0.107
;
; formerly C.PSI.NET
;
. 3600000 NS C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
;
; formerly TERP.UMD.EDU
;
. 3600000 NS D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90
;
; formerly NS.NASA.GOV
;
. 3600000 NS E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
;
; formerly NS.ISC.ORG
;
. 3600000 NS F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
;
; formerly NS.NIC.DDN.MIL
;
. 3600000 NS G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
;
; formerly AOS.ARL.ARMY.MIL
;
. 3600000 NS H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53
;
; formerly NIC.NORDU.NET
;
. 3600000 NS I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
;
; temporarily housed at NSI (InterNIC)
;
. 3600000 NS J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET. 3600000 A 198.41.0.10
;
; housed in LINX, operated by RIPE NCC
;
. 3600000 NS K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
;
; temporarily housed at ISI (IANA)
;
. 3600000 NS L.ROOT-SERVERS.NET.
L.ROOT-SERVERS.NET. 3600000 A 198.32.64.12
;
; housed in Japan, operated by WIDE
;
. 3600000 NS M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
; End of File
0 Kudos
Reply
Kevin Wright
Honored Contributor

тАО12-20-2001 01:32 PM

тАО12-20-2001 01:32 PM

Re: sendmail / name lookup

If I were you I would setup your box to be a DNS server, or another UNIX box to be a primary server, and point this box to it to resolve names..then try that..You aren't seriously using Windoze for DNS are you???
0 Kudos
Reply
Johan Nielsen
Advisor

тАО12-20-2001 02:10 PM

тАО12-20-2001 02:10 PM

Re: sendmail / name lookup

Kevin -

I figured that someone was going to ask that question. The answer is "yes" we're using DDNS in Windows2K. This brings up a good point. I thing we will try and configure one of our UX boxes to be a DNS server at least for a short time.

Thanks.
0 Kudos
Reply
Johan Nielsen
Advisor

тАО12-20-2001 02:26 PM

тАО12-20-2001 02:26 PM

Re: sendmail / name lookup

An A record Query on hotmail.com.

> set q=a
> hotmail.com
Server: bpdns1.andersencorp.com
Address: 158.107.40.23

;; res_nmkquery(QUERY, hotmail.com, IN, A)
------------
SendRequest(), len 29
HEADER:
opcode = QUERY, id = 14904, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0

QUESTIONS:
hotmail.com, type = A, class = IN

------------
------------
Got answer (125 bytes):
HEADER:
opcode = QUERY, id = 14904, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 6, authority records = 0, additional = 0

QUESTIONS:
hotmail.com, type = A, class = IN
ANSWERS:
-> hotmail.com
type = A, class = IN, dlen = 4
internet address = 64.4.52.7
ttl = 3154 (52m34s)
-> hotmail.com
type = A, class = IN, dlen = 4
internet address = 64.4.53.7
ttl = 3154 (52m34s)
-> hotmail.com
type = A, class = IN, dlen = 4
internet address = 64.4.54.7
ttl = 3154 (52m34s)
-> hotmail.com
type = A, class = IN, dlen = 4
internet address = 64.4.43.7
ttl = 3154 (52m34s)
-> hotmail.com
type = A, class = IN, dlen = 4
internet address = 64.4.44.7
ttl = 3154 (52m34s)
-> hotmail.com
type = A, class = IN, dlen = 4
internet address = 64.4.45.7
ttl = 3154 (52m34s)

------------
Non-authoritative answer:
Name: hotmail.com
Addresses: 64.4.52.7, 64.4.53.7, 64.4.54.7, 64.4.43.7
64.4.44.7, 64.4.45.7

>

Thanks
Johan
0 Kudos
Reply
Christopher Caldwell
Honored Contributor

тАО12-20-2001 02:34 PM

тАО12-20-2001 02:34 PM

Re: sendmail / name lookup

If you don't feel like dealing with the DNS, but you want to test, ask your ISP for a couple of DNS addresses. Point your resolver at those boxen instead of the Windoze boxen.

That may be quicker than trying to configure DNS.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.